CERIS IT Compliance Analyst

About The Position

Requirements

• Bachelor’s degree in Business Administration, Risk Management, Healthcare Administration, Legal/Paralegal Studies, Information Security or related field (or equivalent experience).
• 2–5 years of experience in compliance, audit, or information security.
• Working knowledge of regulatory frameworks (HITRUST CSF, SOC, HIPAA).
• Familiarity with healthcare regulatory authorities and governance areas (CMS, HHS, OCR, OIG).
• Experience coordinating audits and managing evidence requests across diverse teams.
• Strong organizational, analytical, and communication skills; detail-oriented and adaptable.

Nice To Haves

• Experience supporting HITRUST certification or readiness assessments.
• Collaboration with legal teams and practices including regulations, policies and contracts.
• Familiarity with GRC tools (e.g., Archer, ServiceNow GRC, ProcessUnity, OneTrust).
• Utilization of compliance automation tools (e.g., Conveyor, Drata, Vanta, Winify AI).
• Certifications such as HITRUST CCSFP, CISA, CISM, CRISC, CGEIT, or CISSP.

Responsibilities

• Assessment & Audit Support Coordinate internal and external compliance assessments, audits and certifications.
• Prepare, organize, and manage evidence to meet control and audit requirements.
• Track remediation activities and ensure timely closure of identified gaps.
• Maintain audit-ready documentation and support readiness reviews.
• Additional duties as assigned Compliance Program Management Support development and maintenance of compliance frameworks, policies, and procedures.
• Monitor regulatory and framework changes, updating controls and documentation as needed.
• Participate in risk assessments and control evaluations to identify opportunities for efficiency, automation and continuous improvement.
• Conduct and/or support periodic control testing and continuous monitoring to validate control effectiveness and compliance readiness.
• Contribute to compliance metrics, dashboards and trend reporting for leadership visibility.
• Collaboration & Communication Partner with IT, Security, Privacy, Legal and Operations to ensure consistent compliance practices.
• Collaborate with Privacy and Data Governance teams to ensure alignment with HIPAA, CCPA, GDPR and other data protection regulations.
• Communicate compliance requirements, audit findings and remediation progress clearly to stakeholders at all levels.
• Support awareness and training initiatives promoting compliance and data protection.
• Promote a culture of accountability and continuous improvement.

Benefits

• Medical (HDHP) w/Pharmacy, Dental, Vision, Long Term Disability, Health Savings Account, Flexible Spending Account Options, Life Insurance, Accident Insurance, Critical Illness Insurance, Pre-paid Legal Insurance, Parking and Transit FSA accounts, 401K, ROTH 401K, and paid time off.